CVE-2014-3688

Severity

50%

Complexity

99%

Confidentiality

48%

The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.

The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

First reported 10 years ago

2014-11-30 01:59:00

Last updated 8 years ago

2016-08-23 02:08:00

Affected Software

Linux Kernel 3.0 release candidate 1

3.0

Linux Kernel 3.0 release candidate 2

3.0

Linux Kernel 3.0 release candidate 3

3.0

Linux Kernel 3.0 release candidate 4

3.0

Linux Kernel 3.0 release candidate 5

3.0

Linux Kernel 3.0 release candidate 6

3.0

Linux Kernel 3.0 release candidate 7

3.0

Linux Kernel 3.0.1

3.0.1

Linux Kernel 3.0.2

3.0.2

Linux Kernel 3.0.3

3.0.3

Linux Kernel 3.0.4

3.0.4

Linux Kernel 3.0.5

3.0.5

Linux Kernel 3.0.6

3.0.6

Linux Kernel 3.0.7

3.0.7

Linux Kernel 3.0.8

3.0.8

Linux Kernel 3.0.9

3.0.9

Linux Kernel 3.0.10

3.0.10

Linux Kernel 3.0.11

3.0.11

Linux Kernel 3.0.12

3.0.12

Linux Kernel 3.0.13

3.0.13

Linux Kernel 3.0.14

3.0.14

Linux Kernel 3.0.15

3.0.15

Linux Kernel 3.0.16

3.0.16

Linux Kernel 3.0.17

3.0.17

Linux Kernel 3.0.18

3.0.18

Linux Kernel 3.0.19

3.0.19

Linux Kernel 3.0.20

3.0.20

Linux Kernel 3.0.21

3.0.21

Linux Kernel 3.0.22

3.0.22

Linux Kernel 3.0.23

3.0.23

Linux Kernel 3.0.24

3.0.24

Linux Kernel 3.0.25

3.0.25

Linux Kernel 3.0.26

3.0.26

Linux Kernel 3.0.27

3.0.27

Linux Kernel 3.0.28

3.0.28

Linux Kernel 3.0.29

3.0.29

Linux Kernel 3.0.30

3.0.30

Linux Kernel 3.0.31

3.0.31

Linux Kernel 3.0.32

3.0.32

Linux Kernel 3.0.33

3.0.33

Linux Kernel 3.0.34

3.0.34

Linux Kernel 3.0.35

3.0.35

Linux Kernel 3.0.36

3.0.36

Linux Kernel 3.0.37

3.0.37

Linux Kernel 3.0.38

3.0.38

Linux Kernel 3.0.39

3.0.39

Linux Kernel 3.0.40

3.0.40

Linux Kernel 3.0.41

3.0.41

Linux Kernel 3.0.42

3.0.42

Linux Kernel 3.0.43

3.0.43

Linux Kernel 3.0.44

3.0.44

Linux Kernel 3.0.45

3.0.45

Linux Kernel 3.0.46

3.0.46

Linux Kernel 3.0.47

3.0.47

Linux Kernel 3.0.48

3.0.48

Linux Kernel 3.0.49

3.0.49

Linux Kernel 3.0.50

3.0.50

Linux Kernel 3.0.51

3.0.51

Linux Kernel 3.0.52

3.0.52

Linux Kernel 3.0.53

3.0.53

Linux Kernel 3.0.54

3.0.54

Linux Kernel 3.0.55

3.0.55

Linux Kernel 3.0.56

3.0.56

Linux Kernel 3.0.57

3.0.57

Linux Kernel 3.0.58

3.0.58

Linux Kernel 3.0.59

3.0.59

Linux Kernel 3.0.60

3.0.60

Linux Kernel 3.0.61

3.0.61

Linux Kernel 3.0.62

3.0.62

Linux Kernel 3.0.63

3.0.63

Linux Kernel 3.0.64

3.0.64

Linux Kernel 3.0.65

3.0.65

Linux Kernel 3.0.66

3.0.66

Linux Kernel 3.0.67

3.0.67

Linux Kernel 3.0.68

3.0.68

Linux Kernel 3.1

3.1

Linux Kernel 3.1 release candidate 1

3.1

Linux Kernel 3.1 release candidate 2

3.1

Linux Kernel 3.1 release candidate 3

3.1

Linux Kernel 3.1 release candidate 4

3.1

Linux Kernel 3.1.1

3.1.1

Linux Kernel 3.1.2

3.1.2

Linux Kernel 3.1.3

3.1.3

Linux Kernel 3.1.4

3.1.4

Linux Kernel 3.1.5

3.1.5

Linux Kernel 3.1.6

3.1.6

Linux Kernel 3.1.7

3.1.7

Linux Kernel 3.1.8

3.1.8

Linux Kernel 3.1.9

3.1.9

Linux Kernel 3.1.10

3.1.10

Linux Kernel 3.2

3.2

Linux Kernel 3.2 (x86)

3.2

Linux Kernel 3.2 release candidate 2

3.2

Linux Kernel 3.2 release candidate 3

3.2

Linux Kernel 3.10

3.10

Linux Kernel 3.10.0 on ARM64 architecture

3.10.0

Linux Kernel 3.10.1

3.10.1

Linux Kernel 3.10.1 on ARM64 architecture

3.10.1

Linux Kernel 3.10.2

3.10.2

Linux Kernel 3.10.2 on ARM64 architecture

3.10.2

Linux Kernel 3.10.3

3.10.3

Linux Kernel 3.10.3 on ARM64 architecture

3.10.3

Linux Kernel 3.10.4

3.10.4

Linux Kernel 3.10.4 on ARM64 architecture

3.10.4

Linux Kernel 3.10.5

3.10.5

Linux Kernel 3.10.5 on ARM64 architecture

3.10.5

Linux Kernel 3.10.6

3.10.6

Linux Kernel 3.10.6 on ARM64 architecture

3.10.6

Linux Kernel 3.10.7

3.10.7

Linux Kernel 3.10.7 on ARM64 architecture

3.10.7

Linux Kernel 3.10.8

3.10.8

Linux Kernel 3.10.8 on ARM64 architecture

3.10.8

Linux Kernel 3.10.9

3.10.9

Linux Kernel 3.10.9 on ARM64 architecture

3.10.9

Linux Kernel 3.10.10

3.10.10

Linux Kernel 3.10.11

3.10.11

Linux Kernel 3.10.2

3.10.12

Linux Kernel 3.10.13

3.10.13

Linux Kernel 3.10.14

3.10.14

Linux Kernel 3.10.15

3.10.15

Linux Kernel 3.10.16

3.10.16

Linux Kernel 3.10.17

3.10.17

Linux Kernel 3.10.18

3.10.18

Linux Kernel 3.10.19

3.10.19

Linux Kernel 3.10.20

3.10.20

Linux Kernel 3.10.21

3.10.21

Linux Kernel 3.10.22

3.10.22

Linux Kernel 3.10.23

3.10.23

Linux Kernel 3.10.24

3.10.24

Linux Kernel 3.10.25

3.10.25

Linux Kernel 3.10.26

3.10.26

Linux Kernel 3.10.27

3.10.27

Linux Kernel 3.10.28

3.10.28

Linux Kernel 3.10.29

3.10.29

Linux Kernel 3.11

3.11

Linux Kernel 3.11.1

3.11.1

Linux Kernel 3.11.2

3.11.2

Linux Kernel 3.11.3

3.11.3

Linux Kernel 3.11.4

3.11.4

Linux Kernel 3.11.5

3.11.5

Linux Kernel 3.11.6

3.11.6

Linux Kernel 3.11.7

3.11.7

Linux Kernel 3.11.8

3.11.8

Linux Kernel 3.11.9

3.11.9

Linux Kernel 3.11.10

3.11.10

Linux Kernel 3.12

3.12

Linux Kernel 3.12.1

3.12.1

Linux Kernel 3.12.2

3.12.2

Linux Kernel 3.12.3

3.12.3

Linux Kernel 3.12.4

3.12.4

Linux Kernel 3.12.5

3.12.5

Linux Kernel 3.12.6

3.12.6

Linux Kernel 3.12.7

3.12.7

Linux Kernel 3.12.8

3.12.8

Linux Kernel 3.12.9

3.12.9

Linux Kernel 3.12.10

3.12.10

Linux Kernel 3.12.11

3.12.11

Linux Kernel 3.12.12

3.12.12

Linux Kernel 3.12.13

3.12.13

Linux Kernel 3.12.14

3.12.14

Linux Kernel 3.12.15

3.12.15

Linux Kernel 3.12.16

3.12.16

Linux Kernel 3.12.17

3.12.17

Linux Kernel 3.13

3.13

Linux Kernel 3.13.1

3.13.1

Linux Kernel 3.13.2

3.13.2

Linux Kernel 3.13.3

3.13.3

Linux Kernel 3.13.4

3.13.4

Linux Kernel 3.13.5

3.13.5

Linux Kernel 3.13.6

3.13.6

Linux Kernel 3.13.7

3.13.7

Linux Kernel 3.13.8

3.13.8

Linux Kernel 3.13.9

3.13.9

Linux Kernel 3.13.10

3.13.10

Linux Kernel 3.13.11

3.13.11

Linux Kernel 3.14

3.14

Linux Kernel 3.14 release candidate 1

3.14

Linux Kernel 3.14 release candidate 2

3.14

Linux Kernel 3.14 release candidate 3

3.14

Linux Kernel 3.14 release candidate 4

3.14

Linux Kernel 3.14 release candidate 5

3.14

Linux Kernel 3.14 release candidate 6

3.14

Linux Kernel 3.14 release candidate 7

3.14

Linux Kernel 3.14 release candidate 8

3.14

Linux Kernel 3.14.1

3.14.1

Linux Kernel 3.14.2

3.14.2

Linux Kernel 3.14.3

3.14.3

Linux Kernel 3.14.4

3.14.4

Linux Kernel 3.14.5

3.14.5

Linux Kernel 3.15

3.15

Linux Kernel 3.15.1

3.15.1

Linux Kernel 3.15.2

3.15.2

Linux Kernel 3.15.3

3.15.3

Linux Kernel 3.15.4

3.15.4

Linux Kernel 3.15.5

3.15.5

Linux Kernel 3.15.6

3.15.6

Linux Kernel 3.15.7

3.15.7

Linux Kernel 3.15.8

3.15.8

Linux Kernel 3.16.0

3.16.0

Linux Kernel 3.16.1

3.16.1

Linux Kernel 3.17

3.17

Linux Kernel

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=26b87c7881006311828bb0ab271a551a62dcceb4

Exploit

SUSE-SU-2015:0481

openSUSE-SU-2015:0566

SUSE-SU-2015:0652

SUSE-SU-2015:0736

HPSBGN03285

HPSBGN03282

RHSA-2015:0062

RHSA-2015:0115

DSA-3060

http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4

[oss-security] 20141113 Linux kernel: SCTP issues

USN-2417-1

USN-2418-1

https://bugzilla.redhat.com/show_bug.cgi?id=1155745

https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4

Exploit

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.